Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

computer freezes after AVG found Atro Trojan- disk at 100%


  • Please log in to reply
15 replies to this topic

#1 singlemom920

singlemom920

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:08:33 PM

Posted 01 January 2016 - 04:26 PM

Got computer from a friend a couple of months ago. Was working fine until AVG pop-up said Atro virus was found.  There were also continuous pop-ups about "social" something or another... would pop up every couple of seconds. Computer is almost impossible to use now. Task manager says disk is at 100%.  I am running Window's 10.  Hope you can help.

Edit: Moved topic from Virus, Trojan, Spyware, and Malware Removal Logs to the more appropriate forum. ~ Animal

BC AdBot (Login to Remove)

 


#2 buddy215

buddy215

  • Moderator
  • 13,124 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:08:33 PM

Posted 01 January 2016 - 06:57 PM

Welcome to BC..

 

Boot into Safe Mode with Networking and scan with the two programs below.

 

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.

 

Download Malwarebytes' Anti-Malware from Here

Double-click mbam-setup-2.X.X.XXXX.exe to install the application (X's are the current version number).

  • Make sure a checkmark is placed next to Launch Malwarebytes' Anti-Malware, then click Finish.
  • Once MBAM opens, when it says Your databases are out of date, click the Fix Now button.
  • Click the Settings tab at the top, and then in the left column, select Detections and Protections, and if not already checked place a checkmark in the selection box for Scan for rootkits.
  • Click the Scan tab at the top of the program window, select Threat Scan and click the Scan Now button.
  • If you receive a message that updates are available, click the Update Now button (the update will be downloaded, installed, and the scan will start).
  • When MBAM is finished scanning it will display a screen that displays any malware that it has detected.
  • Click the Remove Selected button.
  • MBAM will now delete all of the files and registry keys and add them to the programs quarantine. When removing the files, MBAM may require a reboot in order to remove some of them. If it displays a message stating that it needs to reboot, please allow it to do so.
  • While still on the Scan tab, click the link for View detailed log, and in the window that opens click the Export button, select Text file (*.txt), and save the log to your Desktop.
  • The log is automatically saved by MBAM and can also be viewed by clicking the History tab and then selecting Application Logs.

POST THE LOG FOR  REVIEW.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#3 singlemom920

singlemom920
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:08:33 PM

Posted 02 January 2016 - 06:07 AM

Thank you for your help.  Here are the results:

 

C:\Users\Heather\Downloads\installer.zip a variant of Win32/InstallCore.ACZ potentially unwanted application deleted - quarantined
C:\Users\Heather\Downloads\ReimageRepair.exe Win32/ReImageRepair.E potentially unwanted application cleaned by deleting - quarantined
 
 
Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 1/2/2016
Scan Time: 2:40 AM
Logfile: Malwarebytes_log.txt
Administrator: Yes
 
Version: 2.2.0.1024
Malware Database: v2016.01.02.02
Rootkit Database: v2015.12.26.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 10
CPU: x64
File System: NTFS
User: Heather
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 538363
Time Elapsed: 58 min, 26 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)


#4 buddy215

buddy215

  • Moderator
  • 13,124 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:08:33 PM

Posted 02 January 2016 - 06:50 AM

Okay....now boot into regular mode and rerun the MBAM scan along with the ones below. Post the results of all scans except CCleaner.

 

Use CCleaner to remove Temporary files, program caches, cookies, logs, etc. Use the Default settings. No need to use the

Registry Cleaning Tool...risky. Pay close attention while installing and UNcheck offers of toolbars....especially Google.

After install, open CCleaner and run by clicking on the Run Cleaner button in the bottom right corner.

CCleaner - PC Optimization and Cleaning - Free Download

 

Download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.
  • download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#5 philfil

philfil

  • Members
  • 52 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:02:33 AM

Posted 02 January 2016 - 08:11 AM

This could be totally irrelevant but it is worth noting that AVG did send pop-ups to users a short while ago which were intended to encourage downloading of the 2016 version of their antivirus software. In some cases, the popup was only partially displayed and not entirely readable. I mention this because of your phrase " pop-ups about "social" something or another". Those who experienced this found that they couldn't respond to the popup, i.e. they couldn't download v 2016, because the necessary links were missing. It turned out that the cause of this was that the graphic popup was intended for displays set at 100% resolution whereas some users had it set at 150% so that only part of the popup appeared. If they simply closed down the popup, another would appear a while later.

 

However, this phenomenon had nothing to do with virus detection. It was simply a glitch in the AVG promotional campaign.


Edited by philfil, 02 January 2016 - 08:12 AM.


#6 singlemom920

singlemom920
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:08:33 PM

Posted 02 January 2016 - 10:57 PM

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 1/2/2016
Scan Time: 6:14 PM
Logfile: Malwarebytes_second_run.txt
Administrator: Yes
 
Version: 2.2.0.1024
Malware Database: v2016.01.02.07
Rootkit Database: v2015.12.26.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 10
CPU: x64
File System: NTFS
User: Heather
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 539026
Time Elapsed: 2 hr, 22 min, 30 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
 
--------------------------------------------------------------------------------------------------------------
 
# AdwCleaner v5.027 - Logfile created 02/01/2016 at 21:58:07
# Updated 30/12/2015 by Xplode
# Database : 2015-12-30.1 [Server]
# Operating system : Windows 10 Pro  (x64)
# Username : Heather - HEATHER-PC
# Running from : C:\Users\Heather\Downloads\AdwCleaner.exe
# Option : Cleaning
 
***** [ Services ] *****
 
 
***** [ Folders ] *****
 
[-] Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
[-] Folder Deleted : C:\ProgramData\AVG Secure Search
[-] Folder Deleted : C:\ProgramData\AVG Security Toolbar
[-] Folder Deleted : C:\ProgramData\ytd video downloader
[-] Folder Deleted : C:\ProgramData\Avg_Update_0215av
[-] Folder Deleted : C:\ProgramData\Avg_Update_0715av
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader
[-] Folder Deleted : C:\Users\Heather\AppData\Roaming\Mozilla\Firefox\Profiles\o1visahr.default\Extensions\Avg@toolbar
 
***** [ Files ] *****
 
[-] File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml
[-] File Deleted : C:\Users\Heather\AppData\Roaming\Mozilla\Firefox\Profiles\o1visahr.default\searchplugins\avg-secure-search.xml
 
***** [ DLLs ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Scheduled tasks ] *****
 
 
***** [ Registry ] *****
 
[-] Key Deleted : HKLM\SOFTWARE\Classes\S
[-] Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
[-] Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{3A787631-66A2-4634-B928-A37E73B58FB6}
[-] Key Deleted : HKU\S-1-5-21-186936371-685096657-845075952-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Uninstall\{3A787631-66A2-4634-B928-A37E73B58FB6}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKU\S-1-5-21-186936371-685096657-845075952-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
 
***** [ Web browsers ] *****
 
[-] [C:\Users\Heather\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : aol.com
[-] [C:\Users\Heather\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : ask.com
 
*************************
 
:: "Tracing" keys removed
:: Winsock settings cleared
 
########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [3893 bytes] ##########
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.1 (11.24.2015)
Operating System: Windows 10 Pro x64 
Ran by Heather (Administrator) on Sat 01/02/2016 at 22:41:10.86
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
File System: 5 
 
Successfully deleted: C:\Users\Heather\AppData\Roaming\Mozilla\Firefox\Profiles\o1visahr.default\extensions\bingsearch.full@microsoft.com\search.xml (File) 
Successfully deleted: C:\WINDOWS\system32\Tasks\0215avUpdateInfo (Task)
Successfully deleted: C:\WINDOWS\system32\Tasks\0715avUpdateInfo (Task)
Successfully deleted: C:\WINDOWS\Tasks\0215avUpdateInfo.job (Task) 
Successfully deleted: C:\WINDOWS\Tasks\0715avUpdateInfo.job (Task) 
 
 
 
Registry: 2 
 
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page (Registry Value) 
Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\Main\\Start Page (Registry Value) 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 01/02/2016 at 22:50:10.90
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 


#7 buddy215

buddy215

  • Moderator
  • 13,124 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:08:33 PM

Posted 03 January 2016 - 07:06 AM

Okay....tell me what kind of problems you are having now such as excessive ads...search redirects..etc.

 

Post the three lists mentioned below using CCleaner.

Open CCleaner and click on Tools. Choose Startups. On that page you will see a list of Windows Startups and at the top tabs for each browser and Scheduled Tasks.

At the bottom right of that page you will see a button when clicked will allow you to Copy and Paste the list of Windows Startups and Scheduled Tasks into your next

post. Please do that.

 

Open CCleaner and click on Tools. Choose Uninstall. On that page you will see a list of programs installed on your computer and at the bottom right of that page you

will see a button when clicked will allow you to Copy and Paste that list in your next post. Please do that.

 

EDIT: Rerun AdwCleaner and be sure to choose Clean after scan finishes.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#8 singlemom920

singlemom920
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:08:33 PM

Posted 03 January 2016 - 10:54 AM

No problem with redirects or ads.  The problem is just with the freezing.  Everything is unresponsive. If I have task manager running when it happens it shows that the "disk" column is stuck at 100%.  It stays like this until I reboot.  I'm sure there is some log of hard drive activity to see what process is responsible but I don't know how to access it, or evaluate it for that matter.

 

Here are the lists you requested:

 

No HKCU:Run Autodesk Sync Autodesk, Inc. C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
No HKCU:Run BingSvc © 2015 Microsoft Corporation C:\Users\Heather\AppData\Local\Microsoft\BingSvc\BingSvc.exe
Yes HKCU:Run CCleaner Monitoring Piriform Ltd "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
No HKCU:Run Dropbox Update Dropbox, Inc. "C:\Users\Heather\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
No HKCU:Run GoogleDriveSync Google "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
No HKCU:Run Messenger (Yahoo!) Yahoo! Inc. "C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe" -quiet
No HKCU:Run MonitorTuner UC-Logic C:\PROGRAM FILES (X86)\TABLET\MonitorTuner.exe
No HKCU:Run OneDrive Microsoft Corporation "C:\Users\Heather\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
Yes HKCU:RunOnce Uninstall C:\Users\Heather\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64 Microsoft Corporation C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Heather\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64"
No HKLM:Run ADSK DLMSession Autodesk, Inc. C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe
No HKLM:Run ADSKAppManager Autodesk Inc. "C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe" -showminimized -checkautorun
Yes HKLM:Run atchk Intel Corporation "C:\Program Files (x86)\Intel\AMT\atchk.exe"
Yes HKLM:Run AvastUI.exe Avast Software s.r.o. "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
Yes HKLM:Run AVG_UI AVG Technologies CZ, s.r.o. "C:\Program Files (x86)\AVG\Av\avgui.exe" /TRAYONLY
Yes HKLM:Run avgnt Avira Operations GmbH & Co. KG "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
No HKLM:Run AvgUi AVG Technologies CZ, s.r.o. "C:\Program Files (x86)\AVG\Framework\Common\avguix.exe" /fmw.trayonly
Yes HKLM:Run Avira SystrayStartTrigger Avira Operations GmbH & Co. KG C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe
Yes HKLM:Run Conime %windir%\system32\conime.exe
No HKLM:Run EKStatusMonitor Eastman Kodak Company C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe
No HKLM:Run iTunesHelper Apple Inc. "C:\Program Files\iTunes\iTunesHelper.exe"
No HKLM:Run WTClient Tablet Driver WTClient.exe
Yes Startup Common McAfee Security Scan Plus.lnk McAfee, Inc. C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
No Startup User Dropbox.lnk Dropbox, Inc. C:\Users\Heather\AppData\Roaming\Dropbox\bin\Dropbox.exe
 
------------------------------------------------------------------------------------
 
Yes Task Adobe Acrobat Update Task Adobe Systems Incorporated C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Yes Task CCleanerSkipUAC Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
Yes Task CommView for WiFi Update TamoSoft C:\Program Files (x86)\CommViewWiFi\Updater.exe
Yes Task DropboxUpdateTaskUserS-1-5-21-186936371-685096657-845075952-1000Core Dropbox, Inc. C:\Users\Heather\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c
Yes Task DropboxUpdateTaskUserS-1-5-21-186936371-685096657-845075952-1000UA Dropbox, Inc. C:\Users\Heather\AppData\Local\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
Yes Task GarminUpdaterTask C:\Program Files (x86)\Garmin\Express Self Updater\ExpressSelfUpdater.exe
Yes Task GoogleUpdateTaskMachineCore Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Yes Task GoogleUpdateTaskMachineUA Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
Yes Task PandaUSBVaccine Panda Security S.L "C:\Program Files (x86)\Panda USB Vaccine\RunInteractiveWin.exe" "C:\Program Files (x86)\Panda USB Vaccine\USBVaccine.exe" /resident  /agreelicense
Yes Task {83714368-C56A-40EA-B759-1FD317E41DB7} Microsoft Corporation C:\Windows\system32\pcalua.exe -a C:\Users\Heather\Downloads\Msvbvm50.exe -d C:\Users\Heather\Downloads
 
-------------------------------------------------------------------------------
 
3D Builder Microsoft Corporation 12/18/2015 10.10.38.0
Adobe Acrobat Reader DC Adobe Systems Incorporated 12/7/2015 375 MB 15.009.20079
Adobe AIR Adobe Systems Incorporated 12/24/2015 23.3 MB 19.0.0.213
Alarms & Clock Microsoft Corporation 12/29/2015 10.1512.58020.0
Amazon Kindle Amazon 12/14/2015
App connector Microsoft Corporation 12/17/2015 1.3.3.0
Apple Application Support (32-bit) Apple Inc. 4/17/2015 126 MB 3.1.3
Apple Application Support (64-bit) Apple Inc. 4/17/2015 145 MB 3.1.3
Apple Mobile Device Support Apple Inc. 3/1/2015 42.6 MB 8.1.1.3
Apple Software Update Apple Inc. 3/1/2015 4.53 MB 2.1.3.127
Aptana Studio Appcelerator 12/14/2015 3.6.0
Audacity 2.0.6 Audacity Team 1/14/2015 28.4 MB 2.0.6
Autodesk 360 Autodesk 9/12/2014 930 MB 5.2.3.1000
Autodesk App Manager Autodesk 9/12/2014 8.40 MB 1.2.0
Autodesk Application Manager Autodesk 12/24/2015 46.3 MB 3.0.159.0
Autodesk AutoCAD 2015 - English Autodesk 12/24/2015 375 MB 20.0.51.0
Autodesk AutoCAD Performance Feedback Tool Version 1.2.2 Autodesk 9/12/2014 6.12 MB 1.2.2.0
Autodesk BIM 360 Glue AutoCAD 2015 Add-in 64 bit Autodesk 9/12/2014 3.74 MB 3.32.3004
Autodesk Content Service Autodesk 12/24/2015 46.1 MB 3.2.0.0
Autodesk Design Review 2013 Autodesk, Inc. 12/24/2015 57.6 MB 13.0.0.82
Autodesk Download Manager Autodesk, Inc. 9/12/2014 28.4 MB 3.0.8.0
Autodesk DWG TrueView 2015 - English Autodesk 12/24/2015 375 MB 20.0.51.0
Autodesk Featured Apps Autodesk 9/12/2014 8.66 MB 1.2.0
Autodesk Inventor Content Center Libraries 2015 (Desktop Content) Autodesk 9/12/2014 1.34 MB 19.0.15900.0000
Autodesk Inventor Professional 2015 - English Autodesk 12/24/2015 375 MB 19.0.15900.0000
Autodesk Material Library 2015 Autodesk 9/12/2014 103 MB 5.2.9.100
Autodesk Material Library Base Resolution Image Library 2015 Autodesk 9/12/2014 117 MB 5.2.9.100
Autodesk Material Library Low Resolution Image Library 2015 Autodesk 9/12/2014 286 MB 5.2.9.100
Autodesk ReCap Autodesk 12/24/2015 375 MB 1.3.3.1
Autodesk Revit Interoperability for Inventor 2015 Autodesk 12/24/2015 84.9 MB 15.0.166.0
Autodesk Vault Basic 2015 (Client) Autodesk 12/24/2015 375 MB 19.0.49.0
Avast Free Antivirus AVAST Software 12/24/2015 1.46 GB 10.2.2218
AVG AVG Technologies 12/14/2015 1.22.1.40089
AVG Protection AVG Technologies 12/14/2015 2016.12.7303
Avira Antivirus Avira Operations GmbH & Co. KG 12/24/2015 397 MB 15.0.15.129
Avira Launcher Avira Operations GmbH & Co. KG 12/24/2015 14.5 MB 1.1.52.15531
Blender Blender Foundation 12/14/2015 2.72b
Bonjour Apple Inc. 3/1/2015 3.23 MB 3.0.0.10
Calculator Microsoft Corporation 12/31/2015 10.1512.54020.0
Camera Microsoft Corporation 12/18/2015 2015.1211.10.0
CCleaner Piriform 1/2/2016 5.13
CodeBlocks The Code::Blocks Team 12/14/2015 13.12
Colasoft MAC Scanner 2.2 Free Colasoft LLC. 4/13/2015 13.8 MB 2.0
CommView for WiFi TamoSoft 3/24/2015 87.6 MB 7.1
Configurator 360 addin Autodesk, Inc. 9/12/2014 44.5 MB 19.0.11300.9000
Dropbox Dropbox, Inc. 12/14/2015 3.12.5
Eco Materials Adviser for Autodesk Inventor 2015 (64-bit) Granta Design Limited 9/12/2014 116 MB 5.3.8.0
EMCO MAC Address Scanner 1.3 EMCO Software 12/21/2015 56.7 MB 1.3.2.475
Entity Framework 6.1.1 Tools  for Visual Studio 2013 Microsoft Corporation 11/10/2014 56.0 MB 12.0.30610.0
Entity Framework 6.1.3 Tools  for Visual Studio 2015 Microsoft Corporation 8/13/2015 42.4 MB 14.0.40302.0
ESET Online Scanner v3 1/1/2016
Exif-Viewer 2.50 Ralf Bibinger 12/28/2015 2.50
Garmin City Navigator North America NT 2015.20 Garmin Ltd or its subsidiaries 10/19/2014 2.83 GB 2.0.0.0
Garmin Express Garmin Ltd or its subsidiaries 12/24/2015 249 MB 4.0.15.0
Get Office Microsoft Corporation 12/17/2015 17.6508.23761.0
Get Skype Skype 12/14/2015 3.2.1.0
Get Started Microsoft Corporation 12/17/2015 2.5.6.0
Git version 1.9.5-preview20150319 The Git Development Community 7/9/2015 201 MB 1.9.5-preview20150319
Google Chrome Google Inc. 9/12/2014 466 MB 47.0.2526.106
Google Drive Google, Inc. 11/25/2015 69.1 MB 1.26.0707.2863
Google Update Helper 9/12/2014
Groove Music Microsoft Corporation 12/15/2015 3.6.15131.0
GWizardE CNCCookbook, Inc. 12/24/2015 2.29 MB 2.30
IIS 10.0 Express Microsoft Corporation 8/13/2015 48.1 MB 10.0.1734
IIS Express Application Compatibility Database for x64 12/14/2015
IIS Express Application Compatibility Database for x86 12/14/2015
Intel® Graphics Media Accelerator Driver Intel Corporation 12/14/2015 54.2 MB 8.15.10.1930
Intel® Management Engine Interface Intel Corporation 12/14/2015
Intel® Active Management Technology Intel Corporation 12/24/2015 13.4 MB
iTunes Apple Inc. 4/17/2015 291 MB 12.1.2.27
Java 8 Update 45 Oracle Corporation 4/17/2015 9.69 MB 8.0.450
Java 8 Update 45 (64-bit) Oracle Corporation 4/17/2015 38.7 MB 8.0.450
Java SE Development Kit 7 Update 67 (64-bit) Oracle 9/27/2014 421 MB 1.7.0.670
Java SE Development Kit 8 Update 20 Oracle Corporation 9/27/2014 464 MB 8.0.200.26
KODAK AiO Software Eastman Kodak Company 12/24/2015 28.1 MB 7.8.5.2
LADSPA_plugins-win-0.4.15 Audacity Team 12/24/2015 28.4 MB
LAME v3.99.3 (for Windows) 7/29/2015 1.54 MB
Linksys Compact Wireless-G USB Adapter Driver - WUSB54GC Linksys, A Division of Cisco Systems, Inc. 9/13/2014 1.0
Mail and Calendar Microsoft Corporation 12/31/2015 17.6525.42271.0
Malwarebytes Anti-Malware version 2.2.0.1024 Malwarebytes 1/2/2016 66.1 MB 2.2.0.1024
Maps Microsoft Corporation 12/18/2015 4.1512.3450.0
Messaging + Skype Microsoft Corporation 12/18/2015 2.12.15004.0
Microsoft .NET Framework 4.5 Multi-Targeting Pack Microsoft Corporation 11/10/2014 48.0 MB 4.5.50710
Microsoft .NET Framework 4.5 SDK Microsoft Corporation 11/10/2014 37.0 MB 4.5.50710
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack Microsoft Corporation 11/10/2014 55.6 MB 4.5.50932
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) Microsoft Corporation 11/10/2014 51.0 MB 4.5.50932
Microsoft .NET Framework 4.5.1 SDK Microsoft Corporation 11/10/2014 38.8 MB 4.5.51641
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack Microsoft Corporation 8/13/2015 55.7 MB 4.5.51209
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (ENU) Microsoft Corporation 8/13/2015 51.0 MB 4.5.51209
Microsoft .NET Framework 4.6 SDK Microsoft Corporation 8/13/2015 40.0 MB 4.6.00081
Microsoft .NET Framework 4.6 Targeting Pack Microsoft Corporation 8/13/2015 50.7 MB 4.6.00081
Microsoft .NET Framework 4.6 Targeting Pack (ENU) Microsoft Corporation 8/13/2015 44.3 MB 4.6.00081
Microsoft .NET Version Manager (x64) 1.0.0-beta5 Microsoft Corporation 8/13/2015 136 KB 1.0.10609.0
Microsoft Games for Windows - LIVE Redistributable Microsoft Corporation 8/17/2015 23.8 MB 3.5.92.0
Microsoft Games for Windows Marketplace Microsoft Corporation 8/17/2015 8.87 MB 3.5.67.0
Microsoft Help Viewer 2.0 Microsoft Corporation 12/24/2015 3.72 MB 2.0.50727
Microsoft Help Viewer 2.1 Microsoft Corporation 12/24/2015 2.81 MB 2.1.21005
Microsoft Help Viewer 2.2 Microsoft Corporation 12/24/2015 3.31 MB 2.2.23107
Microsoft Office Excel Viewer Microsoft Corporation 11/21/2014 142 MB 12.0.6219.1000
Microsoft Office Word Viewer 2003 Microsoft Corporation 11/11/2014 55.9 MB 11.0.8173.0
Microsoft Silverlight Microsoft Corporation 4/10/2015 70.9 MB 5.1.20513.0
Microsoft Silverlight 4 SDK Microsoft Corporation 8/16/2015 103 MB 4.0.60310.0
Microsoft Silverlight 5 SDK Microsoft Corporation 4/10/2015 116 MB 5.0.61118.0
Microsoft Solitaire Collection Microsoft Studios 12/19/2015 3.6.12153.0
Microsoft SQL Server 2012 Command Line Utilities Microsoft Corporation 11/10/2014 4.76 MB 11.1.3000.0
Microsoft SQL Server 2012 Data-Tier App Framework Microsoft Corporation 11/10/2014 10.1 MB 11.1.2902.0
Microsoft SQL Server 2012 Data-Tier App Framework  (x64) Microsoft Corporation 11/10/2014 20.2 MB 11.1.2902.0
Microsoft SQL Server 2012 Express LocalDB Microsoft Corporation 11/10/2014 119 MB 11.1.3000.0
Microsoft SQL Server 2012 Management Objects Microsoft Corporation 11/10/2014 15.5 MB 11.1.3000.0
Microsoft SQL Server 2012 Management Objects  (x64) Microsoft Corporation 11/10/2014 36.4 MB 11.1.3000.0
Microsoft SQL Server 2012 Native Client Microsoft Corporation 11/10/2014 19.4 MB 11.1.3000.0
Microsoft SQL Server 2012 T-SQL Language Service Microsoft Corporation 11/10/2014 8.42 MB 11.1.3000.0
Microsoft SQL Server 2012 Transact-SQL ScriptDom Microsoft Corporation 11/10/2014 7.70 MB 11.1.3000.0
Microsoft SQL Server 2014 Express LocalDB Microsoft Corporation 4/10/2015 135 MB 12.0.2000.8
Microsoft SQL Server 2014 Management Objects Microsoft Corporation 4/10/2015 15.5 MB 12.0.2000.8
Microsoft SQL Server 2014 Management Objects  (x64) Microsoft Corporation 4/10/2015 30.3 MB 12.0.2000.8
Microsoft SQL Server 2014 T-SQL Language Service Microsoft Corporation 4/10/2015 8.28 MB 12.0.2000.8
Microsoft SQL Server 2014 Transact-SQL ScriptDom Microsoft Corporation 4/10/2015 7.82 MB 12.0.2000.8
Microsoft SQL Server Compact 4.0 SP1 x64 ENU Microsoft Corporation 11/10/2014 27.5 MB 4.0.8876.1
Microsoft SQL Server Data Tools - enu (12.0.41012.0) Microsoft Corporation 4/10/2015 56.9 MB 12.0.41012.0
Microsoft SQL Server Data Tools - enu (14.0.50616.0) Microsoft Corporation 8/13/2015 44.0 MB 14.0.50616.0
Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1) Microsoft Corporation 11/10/2014 4.30 MB 12.0.30919.1
Microsoft SQL Server System CLR Types Microsoft Corporation 4/10/2015 5.07 MB 10.50.1600.1
Microsoft SQL Server System CLR Types (x64) Microsoft Corporation 4/10/2015 1.67 MB 10.50.1600.1
Microsoft System CLR Types for SQL Server 2012 Microsoft Corporation 11/10/2014 5.61 MB 11.1.3366.16
Microsoft System CLR Types for SQL Server 2012 (x64) Microsoft Corporation 11/10/2014 5.82 MB 11.1.3366.16
Microsoft System CLR Types for SQL Server 2014 Microsoft Corporation 8/13/2015 13.5 MB 12.0.2402.11
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 9/15/2014 600 KB 8.0.59193
Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Corporation 9/12/2014 1.21 MB 8.0.59192
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Corporation 9/12/2014 1.53 MB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 9/12/2014 1.53 MB 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 9/12/2014 1.16 MB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 9/12/2014 1.17 MB 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 Microsoft Corporation 9/12/2014 5.03 MB 10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 Microsoft Corporation 9/12/2014 4.42 MB 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 Microsoft Corporation 12/14/2015 11.0.60610.1
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 Microsoft Corporation 12/14/2015 20.5 MB 11.0.61030.0
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 Microsoft Corporation 12/14/2015 11.0.60610.1
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 Microsoft Corporation 12/14/2015 17.3 MB 11.0.61030.0
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 Microsoft Corporation 12/14/2015 20.5 MB 12.0.21005.1
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 Microsoft Corporation 12/14/2015 17.1 MB 12.0.21005.1
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 Microsoft Corporation 12/14/2015 22.4 MB 14.0.23026.0
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 Microsoft Corporation 12/14/2015 18.6 MB 14.0.23026.0
Microsoft Visual Studio 2013 Preview Shell (Integrated) Microsoft Corporation 12/24/2015 368 KB 12.0.20617.1
Microsoft Visual Studio 2013 Preview Shell (Isolated) Microsoft Corporation 12/24/2015 10.9 MB 12.0.20617.1
Microsoft Visual Studio Community 2013 with Update 4 Microsoft Corporation 12/24/2015 1.14 GB 12.0.31101
Microsoft Visual Studio Community 2015 Microsoft Corporation 12/24/2015 1.28 GB 14.0.23107.10
Microsoft Visual Studio Express 2013 for Windows Desktop - ENU with Update 3 Microsoft Corporation 12/24/2015 158 MB 12.0.30723.0
Microsoft Web Deploy 3.6 Microsoft Corporation 8/13/2015 17.6 MB 3.1238.1955
Microsoft Wi-Fi Microsoft Corporation 12/18/2015 1.1511.2.0
Microsoft WSE 3.0 Runtime Microsoft Corp. 9/12/2014 1.84 MB 3.0.5305.0
Microsoft XNA Framework Redistributable 4.0 Refresh Microsoft Corporation 8/17/2015 16.3 MB 4.0.30901.0
Microsoft XNA Game Studio 4.0 Refresh Microsoft Corporation 12/14/2015 4.0.30901.0
Microsoft XNA Game Studio Platform Tools Microsoft Corporation 8/20/2015 23.5 MB 1.4.0.0
MIT App Inventor Tools 2.3.0 Massachusetts Institute of Technology 12/24/2015 177 MB 2.3.0
MIT/GNU Scheme GNU Project 12/24/2015 44.1 MB 9.2
Mockup 360 Addin 2015 Autodesk 9/12/2014 9.81 MB 1.1.0
Money Microsoft Corporation 12/17/2015 4.7.118.0
MonoGame SDK The MonoGame Team 12/24/2015 102 MB 3.4.0.456
Movies & TV Microsoft Corporation 12/14/2015 3.6.15731.0
Mozilla Firefox 35.0 (x86 en-US) Mozilla 12/24/2015 83.0 MB 35.0
Mozilla Maintenance Service Mozilla 12/14/2015 214 KB 35.0
MSXML 4.0 SP2 (KB954430) Microsoft Corporation 9/15/2014 2.55 MB 4.20.9870.0
MSXML 4.0 SP2 (KB973688) Microsoft Corporation 9/15/2014 2.67 MB 4.20.9876.0
NetBeans IDE 8.0.1 NetBeans.org 12/24/2015 348 MB 8.0.1
NetSpeedMonitor 2.5.4.0 x64 Florian Gilles 3/24/2015 2.49 MB 2.5.4.0
News Microsoft Corporation 12/17/2015 4.7.118.0
Node.js Joyent, Inc. and other Node contributors 10/20/2014 13.9 MB 0.10.13
OneNote Microsoft Corporation 12/17/2015 17.6366.15841.0
OpenOffice 4.1.1 Apache Software Foundation 9/13/2014 320 MB 4.11.9775
paint.net dotPDN LLC 8/5/2015 52.8 MB 4.0.6
Panda USB Vaccine 1.0.1.4 Panda Security 9/12/2014 2.03 MB
People Microsoft Corporation 12/19/2015 10.0.3450.0
Phone Microsoft Corporation 12/18/2015 2.12.2002.0
Phone Companion Microsoft Corporation 12/17/2015 10.1511.18010.0
Photos Microsoft Corporation 12/17/2015 15.1208.10480.0
Ping tester 12/14/2015
Prerequisites for SSDT Microsoft Corporation 11/10/2014 9.97 MB 12.0.2000.8
PrintProjects RocketLife Inc. 12/24/2015 3.58 MB 1.0.0.9282
Python 3.4.2 (64-bit) Python Software Foundation 10/20/2014 137 MB 3.4.2150
Python Tools 2.1 Beta 2 for Visual Studio 2013 Microsoft Corporation 11/10/2014 47.3 MB 2.1.20620.00
Python Tools for Visual Studio 2.0 Beta (with Visual Studio 2013 Preview) Microsoft Corporation 12/14/2015 813 MB 2.0.10627.5
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 8/27/2015 3.37 MB 6.0.1.7541
Revo Uninstaller 1.95 VS Revo Group 12/24/2015 6.51 MB 1.95
SketchUp 2015 Trimble Navigation Limited 12/14/2014 434 MB 15.1.106
SketchUp Import Autodesk 9/12/2014 155 MB 1.2.0
Sophos Virus Removal Tool Sophos Limited 3/26/2015 204 MB 2.5.4
Sports Microsoft Corporation 12/17/2015 4.7.130.0
Store Microsoft Corporation 12/17/2015 2015.25.5.0
Sublime Text 2.0.2 7/9/2015 19.9 MB
Sway Microsoft Corporation 12/18/2015 17.6509.20251.0
Tablet Driver V8.0 12/14/2015
TypeScript Tools for Microsoft Visual Studio 2015 1.5.4.0 Microsoft Corporation 12/24/2015 32.6 MB 1.5.23128.0
Vim 7.3 (self-installing) 12/14/2015
Visual Studio 2012 x64 Redistributables AVG Technologies 9/12/2014 17.0 MB 14.0.0.1
Visual Studio 2012 x86 Redistributables AVG Technologies CZ, s.r.o. 9/12/2014 3.99 MB 14.0.0.1
Voice Recorder Microsoft Corporation 12/22/2015 10.1512.21110.0
WCF RIA Services V1.0 SP2 Microsoft Corporation 4/10/2015 13.8 MB 4.1.62812.0
Weather Microsoft Corporation 12/17/2015 4.7.118.0
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) Dynastream Innovations, Inc. 12/14/2015 04/11/2012 1.2.40.201
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) Silicon Labs Software 12/14/2015 02/06/2007 3.1
Windows DVD Player Microsoft Corporation 12/17/2015 3.6.13291.0
Windows Phone app for desktop Microsoft Corporation 8/10/2015 16.0 MB 1.1.2726.0
Windows Phone SDK 8.0 - ENU Microsoft Corporation 12/24/2015 1.25 GB 11.0.50727.61
WinRAR 5.11 (32-bit) win.rar GmbH 12/24/2015 4.01 MB 5.11.0
Wireshark 1.12.4 (32-bit) The Wireshark developer community, http://www.wireshark.org 12/24/2015 87.2 MB 1.12.4
Wisdom-soft ScreenHunter 6.0 Free Wisdom Software Inc. 12/14/2015
Xbox Microsoft Corporation 12/15/2015 11.12.9011.0
XMind 2013 (v3.4.1) XMind Ltd. 9/25/2014 213 MB 3.4.1.201401221918
Yahoo! Messenger Yahoo! Inc. 12/14/2015
 


#9 buddy215

buddy215

  • Moderator
  • 13,124 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:08:33 PM

Posted 03 January 2016 - 11:30 AM

While I'm checking the startups uninstall these programs:

AVG AVG Technologies 12/14/2015 1.22.1.40089
AVG Protection AVG Technologies 12/14/2015 2016.12.7303
Avira Antivirus Avira Operations GmbH & Co. KG 12/24/2015 397 MB 15.0.15.129
Avira Launcher Avira Operations GmbH & Co. KG 12/24/2015 14.5 MB 1.1.52.15531
Panda USB Vaccine 1.0.1.4 Panda Security 9/12/2014 2.03 MB
Sophos Virus Removal Tool Sophos Limited 3/26/2015 204 MB 2.5.4
ESET Online Scanner v3 1/1/2016
 
Google Update Helper 9/12/2014
Yahoo! Messenger Yahoo! Inc. 12/14/2015
Java 8 Update 45 Oracle Corporation 4/17/2015 9.69 MB 8.0.450
Java 8 Update 45 (64-bit) Oracle Corporation 4/17/2015 38.7 MB 8.0.450
Java SE Development Kit 7 Update 67 (64-bit) Oracle 9/27/2014 421 MB 1.7.0.670
Java SE Development Kit 8 Update 20 Oracle Corporation 9/27/2014 464 MB 8.0.200.26
 
You have a lot of developer programs. Look through them and uninstall the ones you don't use.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#10 singlemom920

singlemom920
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:08:33 PM

Posted 03 January 2016 - 11:43 AM

AVG is asking if I want to keep or delete vault content ... which should I do?



#11 buddy215

buddy215

  • Moderator
  • 13,124 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:08:33 PM

Posted 03 January 2016 - 11:46 AM

Allow AVG to uninstall/ Delete All of its files.

 

Disable these Windows Startups: Use CCleaner by clicking on each item and then choose Disable on the right.

Yes HKCU:Run CCleaner Monitoring Piriform Ltd "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR

Yes HKCU:RunOnce Uninstall C:\Users\Heather\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64 Microsoft Corporation C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q

Yes HKLM:Run AVG_UI AVG Technologies CZ, s.r.o. "C:\Program Files (x86)\AVG\Av\avgui.exe" /TRAYONLY

Yes HKLM:Run avgnt Avira Operations GmbH & Co. KG "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
Yes HKLM:Run Avira SystrayStartTrigger Avira Operations GmbH & Co. KG C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe
Yes HKLM:Run Conime %windir%\system32\conime.exe (this may be malware related...if you can find the file submit it to VirusTotal - Free Online Virus and Malware Scan
to be scanned by numerous security programs)
Yes Startup Common McAfee Security Scan Plus.lnk McAfee, Inc. C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (Delete...not just Disable)
 
Disable ALL Scheduled Tasks:

Yes Task Adobe Acrobat Update Task Adobe Systems Incorporated C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Yes Task CCleanerSkipUAC Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
Yes Task CommView for WiFi Update TamoSoft C:\Program Files (x86)\CommViewWiFi\Updater.exe
Yes Task DropboxUpdateTaskUserS-1-5-21-186936371-685096657-845075952-1000Core Dropbox, Inc. C:\Users\Heather\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c
Yes Task DropboxUpdateTaskUserS-1-5-21-186936371-685096657-845075952-1000UA Dropbox, Inc. C:\Users\Heather\AppData\Local\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
Yes Task GarminUpdaterTask C:\Program Files (x86)\Garmin\Express Self Updater\ExpressSelfUpdater.exe
Yes Task GoogleUpdateTaskMachineCore Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Yes Task GoogleUpdateTaskMachineUA Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
Yes Task PandaUSBVaccine Panda Security S.L "C:\Program Files (x86)\Panda USB Vaccine\RunInteractiveWin.exe" "C:\Program Files (x86)\Panda USB Vaccine\USBVaccine.exe" /resident  /agreelicense (Delete...not just Disable)
Yes Task {83714368-C56A-40EA-B759-1FD317E41DB7} Microsoft Corporation C:\Windows\system32\pcalua.exe -a C:\Users\Heather\Downloads\Msvbvm50.exe -d C:\Users\Heather\Downloads

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#12 singlemom920

singlemom920
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:08:33 PM

Posted 03 January 2016 - 11:56 AM

Thank you.

 

I will have to wait until I speak to my son to determine which applications he uses for his programming.  He will be home tonight.



#13 buddy215

buddy215

  • Moderator
  • 13,124 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:08:33 PM

Posted 03 January 2016 - 12:15 PM

Okay...please let me know the results of submitting that conime.exe to Virus Total....


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#14 singlemom920

singlemom920
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:08:33 PM

Posted 03 January 2016 - 09:52 PM

I can't find conime.exe anywhere.  doesn't come up with a search for all *.exe or any system32 folders.  I even looked in SysWOW64 folder.  I have "show hidden files and folders" checked.  



#15 buddy215

buddy215

  • Moderator
  • 13,124 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:08:33 PM

Posted 04 January 2016 - 04:56 AM

Here is what I relied on to think conime.exe may be malicious....<not used> - conime.exe - Program Information

 

Have you completed the uninstalls and disabling of the Startups and Tasks? After doing that I think it best to start a new topic

in the Malware Removal Forum for a deeper look.

 

Please follow the instructions in the Malware Removal and Log Section Preparation Guide starting at Step 6.

  • If you cannot complete a step, then skip it and continue with the next.
  • In Step 6 there are instructions for downloading and running FRST which will create two logs.

When you have done that, post your logs in the Virus, Trojan, Spyware, and Malware Removal Logs forum, NOT here, for assistance by the Malware Response Team.

Start a new topic, give it a relevant title and post your log(s) along with a brief description of your problem, a summary of any anti-malware tools you have used and a summary of any steps that you have performed on your own. If you cannot produce any of the required logs...start the new topic anyway. Explain that you followed the Prep. Guide, were unable to create the logs, and describe what happened when you tried to create them. A member of the Malware Removal Team will walk you through, step by step, on how to clean your computer.

After doing this, please reply back in this thread with a link to the new topic so we can close this one.

 

DO NOT bump your new topic. Wait for a response from one of the Team Members.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users